My colleague has recently installed the Sophos home cloud solution on his kids PC's, and it looks really good. He doesn't live with his kids anymore (divorce, nothing sinister!), but can keep an eye on the PC's making sure they have updated, scanned and see any infections as and when they occur. It got me thinking, I could use this to keep an eye on my Mum, sister and Grandads laptops which might hopefully mean less time repairing them.

But I currently have Avast anti-virus on them all, and apart from Grandads the other computers have been fine, and I wonder how much of this is due to the plugin on Avast that warns about infected websites before you open them (something Sophos doesn't have.)

I'm just wondering what the rest of the community thinks is more important? Central, proactive monitoring (which realistically I'll only be checking maybe once every two months) or realtime blocking of infected websites?

15 Replies

This person is a verified professional.

If you have product A on the pc and it has viruses etc that would not speak highly of that product. Product A has demonstrated that it will NOT work for that usage. Time to try something else.

I have been happy with the Sophos free version on several pc's at home. Between that and tireless training of my wife not to click on everything has resulted in years of virus free operation. System slow downs at my house are the results of general clutter and a quick clean up has things back on track quickly.

If you want to get proactive, I would suggest the Sophos Home UTM or Untanlge, and then a AV other than Sophos since you have the UTM. I have Avast on my home machines and think it is great. The fact is thought, that you can invite infections into your machine, and no AV is going to stop that behavior (yes I would love to download this java game!).

Prehaps it isn't an AV product he needs. I don't run any AV stuff at home although i wouldn't recommend that for non IT people but what i do run is malwarebytes. Stopping malware and spyware seems to be more important and common than virus's these days.

Start simple. I stick with Security Essentials/Defender, Malwarebytes paid for repeat offenders, no admin rights, and a whitelist SRP if they're on Pro. OpenDNS can help too.

Also, before he died my grandfather had a computer and really struggled to use it, and I often had to help him with it. Then we talked him into an iPad, he understood it quick and used it a ton, and never touched the computer again. Depending on your grandfather's abilities (technical and otherwise), it may be worth re-thinking the device instead of the configuration.

This person is a verified professional.

My colleague has recently installed the Sophos home cloud solution on his kids PC's, and it looks really good. He doesn't live with his kids anymore (divorce, nothing sinister!), but can keep an eye on the PC's making sure they have updated, scanned and see any infections as and when they occur. It got me thinking, I could use this to keep an eye on my Mum, sister and Grandads laptops which might hopefully mean less time repairing them.

TeamViewer is still free for home use. It's not protection, but it will let you remote in and work on their machines without having to actually go anywhere.

I have Sophos Home on several family members PC's. I have found it very useful, it can block potentially harmful websites as well as malware\virus' being installed, it also comes with web filtering. The web portal allows you to check o each system and see any warnings or possible infections and clean them from there. You can initiate scans, add exceptions for web sites and legitimate programs that need to be installed that Sophos thinks may be harmful, had to do that for Steam.

Snufykat, I think it's a little unfair on Avast to say that it's not working, my Grandad has only been using a PC for two years. He's had some training from a few people and is doing really well with it, but I can't shake the feeling he might click on the odd thing he shouldn't from time to time. He's also using Internet Explorer so no add blocker to protect him from malicious adds.

He does have an anti-malware program on there, his neighbor pulled off malware bytes that I installed and put another one on (I can't remember what it's called but I Googled it and it was legit and had good reviews.)

I have Sophos Home on several family members PC's. I have found it very useful, it can block potentially harmful websites as well as malware\virus' being installed, it also comes with web filtering. The web portal allows you to check o each system and see any warnings or possible infections and clean them from there. You can initiate scans, add exceptions for web sites and legitimate programs that need to be installed that Sophos thinks may be harmful, had to do that for Steam.

My colleague sears by it, he showed me the console and it looks very good. We can't believe it's free if I'm honest!

This person is a verified professional.

Snufykat, I think it's a little unfair on Avast to say that it's not working, my Grandad has only been using a PC for two years. He's had some training from a few people and is doing really well with it, but I can't shake the feeling he might click on the odd thing he shouldn't from time to time. He's also using Internet Explorer so no add blocker to protect him from malicious adds.

He does have an anti-malware program on there, his neighbor pulled off malware bytes that I installed and put another one on (I can't remember what it's called but I Googled it and it was legit and had good reviews.)

That's a good shout is open DNS, I hadn't thought of that!

Not that Avast is a bad product it is just not the right one for your situation. Not many AV products are going to stop a user that tells crapware to do its thing.

You could try Malwarebytes trial mode to see if the web protection can help you and your family stay safe. We recently rolled anti-ransomware protection into the same agent as well! you can get a bit more proactive with it also by setting up scheduled scans on the machines in your household. you can check out whats available during the trial here https://www.malwarebytes.com/trial/#trial

I personally strongly encourage finding a way to maintain proactive live protection on your machines. There are many ways for malware/crapware to be delivered to endpoints these days, and with ransomware out in the wild, you want more layers than less.

This person is a verified professional.

I agree with Snufykat -- user education is really key, and while everyone's goal is 100% protection, a layered approach is always best. Of course, it all depends on the solution being used and how it's set up. Let's take Avast Free for example.

Malware attempts to come down through a malicious URL in the browser -- Web Shield would normally catch this. If it slips though, File Shield/CyberCapture would isolate and identify it, and stop it for analysis (even if it's unknown/zero-day) before it can do damage. All the while, the new Behavior Shield is actively watching apps and processes for malicious activity, also to prevent damage (for example, unknown or brand new malware makes it down embedded in a Word macro, which then Behavior Shield is designed to protect when it tries to behave badly.)

If any of these layers are disabled, or exclusions are in place, then infections could be more likely.

My recommendation, if you are using Avast Free, would be to enable all the shields above -- which goes many steps beyond basic OS-provided protection -- and also consider installing the SafeZone browser for even safer (read: isolated) browsing in this case.

For centralized management, Avast for Business Basic is no longer available for new signups but you could do this with the Enterprise licenses, although that may be a bit overkill :)

We just installed Bitdefender Box for my home. It acts as a wifi router and also gives us Bitdefender AV license So far, it works great! we get to see the traffic going in and out of all the devices, now just computers, but also all the connected devices and phones.

1st Post

For home use, I really like Webroot combined with Zemana Antilogger. You can monitor everyone's devices and push scans easily. I've recently switched away because my wife uses Outlook at home for her work's exchange account rather than web-based email, and I've heard some horrorstories on here about how Webroot allowed infected files to get mailed around.

At times, I've also used Avira Pro, and one that doesn't get enough attention here: F-Secure. You can monitor everyone, it runs off BitDefender's definitions and their own hueristics, and it's pretty light and quiet. Their "beta" product is pretty much a gold release, *free*, and they give you a license for 10 machines, if I recall.

1

This topic has been locked by an administrator and is no longer open for commenting.